Legal development

Deferred Prosecution Agreements Transcript

Insight Hero Image

    RH: Okay. I think somebody at the Ashurst desk is going to tell me if we are not live anymore. But let's get started. The first thing I want to do is to introduce you to our panellists. This morning we have real pleasure to be joined by some experts in the business who have been thinking about deferred prosecution agreements and what they mean for clients for a very long time.

    Charlie Patrick is a partner at Forensic Risk Alliance (FRA). Charlie's a chartered accountant by trade with a long history of experience in forensic accounting and investigations, but he has also worked extensively as an investigator in corporates who are dealing with anti-bribery and corruption and other corporate investigations, and working on risk reviews and assessments around controls and systems has been a key part of Charlie's work in the last few years. Perhaps, most relevantly to today's conversation, Charlie was part of the FRA team which supported Airbus in its multi-national, multi-year investigation resulting in a settlement with four investigative authorities, one of them being the SFO here in the UK. So Charlie has been thinking hard about compliance programmes, particularly in the context of DPA, and he is going to have some fantastic insights to share with us.

    Rebecca Chalkley is an experienced barrister specialising in financial crime and regulation with a fantastic reputation for her work in fraud and she has been working for more than 20 years in this sphere, and her expertise in insider dealing, bribery and corruption, money laundering, tax fraud, is really impressive. Importantly for today, Rebecca has been instructed in many cases that have resulted in DPAs and so she understands exactly what goes on from inside, including one of the largest DPAs to be agreed to date.

    So we are going to have some really interesting insights from both Charlie and Rebecca.

    At the Ashurst end, I'm joined by Neil Donovan who is a Senior Associate in our team. He spent time at the SFO on secondment and he spends his practice dealing with corporate wrongdoing, investigations and corporate crime, and has done a good deal of thinking about what happens when corporates need to face off to enforcement authorities who may have DPA powers.

    And I am going to chair the panel today. I co-lead the Corporate Crime Team here at Ashurst and, as I say, a real pleasure to have such a great panel. Let's get started.

    So DPAs, deferred prosecution agreements, we have been talking about for a long time now, but they are topical. They're always topical and they're particularly topical at the moment. This is an area that's constantly moving at pace but we have two interesting events just in the last seven days. The SFO announced its tenth deferred prosecution agreement with Amec Foster Wheeler relating to corruption involving agents in the oil and gas sector. That was only a week ago. And also within that, the Director of the Serious Fraud Office, Lisa Osofsky, wrote a comment piece on DPAs and their future in The Times. A really interesting piece, actually, because it gives an indication of her priorities and what she thinks is the important future for DPAs.

    So what we're going to do today is use her speech, her comment, as a structure for our conversation. We're going to think about how DPAs work, whether they work, what the challenges are, what the future is going to bring for them, but also picking out some of the key things which the Director of the Serious Fraud Office, which is the agency who has so far led the way in deferred prosecution agreements in the UK, and in particular we are going to talk about the importance of cooperation, the importance of penalties and fine calculations and how those are done, data and exposure, and also the proposed changes to the law on corporate liability in the UK and how those fit into deferred prosecution agreements.

    Rebecca, do you mind just giving us a little round up of those two events in the last week – so that’s the Amec Foster Wheeler DPA and Lisa Osofsky's piece in The Times – just to set the scene for us?

    RC: Yes, certainly. In fact, the timing was rather wonderful actually because when we first decided to do this webinar neither of those things had happened, so the timing was very useful.

    Dealing first then with the Amec Foster Wheeler DPA, there's been talk in the community for some time now if DPAs are likely to remain at the forefront and as a tool being used by the various prosecuting authorities, especially the SFO, but others who also have the power to use them. And what this DPA sets out is the clear message is yes, it's a resounding yes.

    So what of interest has actually come out of that particular DPA? Well, first of all, it’s the size of the fine. We're looking at £103 million here, which is taking us back to the days of sort of Tesco and Rolls Royce where you're dealing with hundreds and thousands of pounds rather than the slightly smaller fines that we've had in the last two or three DPAs.

    What's also interesting again is it’s a return to multi-national overseas criminality. And also what's particularly interesting with regards to Amec Foster Wheeler, is it brings to the forefront the issue of successor liability. The Wood Group took over Amec Foster Wheeler so essentially it inherited the problem, if you like, and it's important when considering issues with regards to your clients and corporates etc. It brings into the issue due diligence, what you should be doing at the time of corporate deals, and it also shows that actually it is possible to navigate scenarios such as this, and doesn't stand in the way of acquisition of companies. And what's clear here, as well, is that the Wood Group obviously factored in the fact that they were going to have pay a hefty fine, as it ended up £103 million, but it was still of value to them to continue. So that’s an interesting angle. But despite the fact that this was looming, it wasn't insurmountable and they were still able to proceed with the acquisition, notwithstanding the fact that the SFO were essentially waiting in the wings.

    Another aspect, as well, with regards to this is the consideration as well as your normal due diligence that you have to deal with when you're looking at an acquisition of a company, also when you’re here dealing with issues such as this, you have to consider things like COCR, you know, are you dealing with potentially criminal money here as well?

    And I think the last thing, with regards to this particular DPA which is of interest, is Edis LJ when he dealt with it in the High Court last week or the week before, he was actually critical of the company as well, and spoke of ignoring red flags. And there's been two or three instances where the judiciary has expressed a view, and here we have one from Edis LJ expressing his. So, yeah, interesting and obviously bang up to date and showing that DPAs definitely seem to be here very much to stay.

    And then just dealing briefly with Lisa Osofsky's piece which was actually reported in The Times as well, a few days before the DPA was announced, is … and I know we'll look at it in more detail later, but it's very much again the message DPA is here to stay. And it's interesting, against the background of where we are at the moment with regards to the pandemic, clearly Covid, empty coffers, DPA's potential to help re-fill them again. So you can see, for that reason, that DPAs are going to be a useful tool going forward. So, yeah, I know we are going to return to Lisa's piece in due course but, yeah, interesting times.

    RH: Absolutely. And, Rebecca, that point you made about into the coffers, again, I'm sure we'll come back to it but one of the points the Director made was that, through fines and another penalties, the Agency has contributed more than £1.3 billion to the Treasury in the last four years, and £1.5 million has gone into the Treasury in terms of DPA outcomes. So there is … $1.5 billion, sorry. So in troubled times, this is possibly an important piece in terms of revenue-raising.

    RC: Absolutely. And I suppose the only other thing with regards to that, is you then have a potential tension with regards to public interest; would the man in the street be content for essentially what they may perceive as a corporate effectively buying their way out of something where there may be a large amount of dishonesty, let's say? But then that has to be seen against, also, the public interest in the gains which regards to the saving of money, which I know we will get onto later, and also the gaining of money with regards to the fines and penalties.

    RH: Okay. Well, look, a great place to … a great backdrop for this conversation. Neil, before we get into the weeds on this, would you mind giving us a bit of a refresh on the DPA process? Just talk us through how a DPA works.

    ND: Sure. Thanks, and morning everyone. So look, DPAs, they're not unique to the UK, we're increasingly seeing them used globally by enforcement agencies to resolve corporate criminality. But we're just going to give a high level overview of the UK process here, because there are some unique features which we don't necessarily see in other jurisdictions.

    Just a couple of headline points in terms of the scope of the regime here. So DPAs are only available in the UK to certain prosecutors. Currently, in the UK, the designated prosecutors are the Serious Fraud Office and the Director of Public Prosecutions so, importantly, they are not available to authorities such as the FCA. They're also only available in respect of certain criminality and, broadly speaking, that covers fraud, bribery and corruption, and other economic crimes.

    And DPAs are only available in the UK to corporates. That’s quite a significant difference to the US, for example, where they are frequently used, and have been for a long time, in relation to cases against individual defendants.

    And finally, DPAs, they only protect the corporate from criminal prosecution in the UK, so they don't protect it from civil or regulatory liabilities or, indeed, prosecution or those types of liabilities in overseas jurisdictions.

    Just in terms of how the whole process kicks off and is initiated, the prosecutor applies a two-stage test. So the first stage of that is the evidential stage, and they must be satisfied that there is at least a reasonable suspicion based on some admissible evidence that the corporate has committed the offence, and there are reasonable grounds for believing that if they continued investigating for a further reasonable period of time that, taken together, there would be sufficient evidence of establishing a realistic prospect of conviction in accordance with the Full Code Test for prosecutors. So the point there is that there has to be some evidence, so the DPA process really can't start until there has been a period of investigation by the prosecutor.

    And the second stage is the public interest stage. And that’s really testing would the public interest be properly served by the prosecutor not pursuing a prosecution, but instead agreeing to a DPA. And that’s a subjective test and is determined based on a range of factors including the corporate's previous conduct, the seriousness of the harm, whether they have cooperated, which we will come on to discuss, and have a proactive compliance programme, and also the effect a conviction would have on the company, its shareholders and its employees.

    So if the prosecutor determines that this does fit the DPA process, then they will invite the company to consider it or enter into DPA negotiations, it's voluntary for the company. And following that period of negotiation, that leads on to a court process. And one of the really unique features of the UK system as compared to the US, for example, is the level of judicial oversight, and the courts are very much involved throughout the DPA process here, and they need to approve and have visibility of the terms at various stage.

    So at the preliminary hearing, the prosecutor will ask the Court for a declaration that DPA is in the interest of justice, and that the proposed terms are fair, reasonable and proportionate. The parties will then go away, agree those terms, and then they will come back and there will be a second approval hearing at which a declaration be sought that the terms agreed are indeed fair, reasonable and proportionate. And that declaration will be granted in open court. The preliminary hearing, the first hearing, is in private. And then the terms of the DPA will be made public on the SFO website and, as you will know, these cases have been very widely reported in the mainstream media as well.

    Just a word on the terms, DPAs are for a specified term, not prescribed typically between two and five years. They'll include a statement of facts relating to the alleged criminality, and then there will be other terms which are quite common to these agreements; so a financial penalty, payment of prosecutor's costs, and ongoing corporation investigations into individuals. And there may be separate specific terms in the case in question, so requiring a company to implement or augment existing compliance programmes, for example, or appoint a corporate compliance monitor.

    So looking towards just the end of the process, there is provision in the code and in the process for the eventuality that the DPA is breached. So if a breach occurs and the corporate doesn't comply with one of the terms, then the DPA can be terminated. And in that case the, the DPA will immediately cease to have effect and the prosecutor may seek to prosecute the corporate in question. And there can also be variations of DPAs, for example, where there is a breach and the parties agree to try and amend the agreement so that that breach can be rectified.

    And finally, and the position that all corporates try to get to, is that the DPA is discontinued. So when it expires, the prosecutor is required to notify the Court that the corporate has fulfilled its obligations under the DPA and the prosecutor does not intend to continue with the proceedings. And we've seen that happen … so far, we have seen it in the Tesco case, for example, where that notice of discontinuance has subsequently been filed.

    RH: Okay. Well, that was fantastic, a great overview for us, but lots of different steps to go through. One of the first topics which the Director talked about in her article in The Times last week was cooperation, and that’s something that those of us who advise clients about DPAs have front and centre. Should you be cooperating to the extent that's necessary to obtain a DPA and what does cooperation look like?

    Neil, there's some guidance, isn't there, that the prosecution authorities have to follow in terms of cooperation? What do they tell a company about cooperation and what they need to do?

    ND: Yeah, that’s right. I mean, I think the first thing to note is that what the Director said last week is very consistent with the messaging that we've heard since DPAs were introduced in 2014, and the DPA Code itself makes clear that considerable weight will be given to a genuine proactive approach by a corporate cooperating with the prosecutor, and that will weigh very heavily against prosecution and in favour of the DPA. And so cooperation has really become the cornerstone of the whole process and it has to be at the heart of everything the corporate is doing and thinking about, really very much from the outset, once they've detected the relevant conduct.

    Now up until now, or until more recent times, cooperation hasn't been described and, really, we had to look at DPAs that have been agreed to date to identify the examples of what represents good cooperation and good practice. But, as you say, more recently the SFO has been more forthcoming with information and guidance, and has provided more prescriptive examples by publishing sections of what's called its Operational Handbook, and that’s the handbook that the case teams at the SFO use to help guide them in assessing cooperation and making these decisions.

    So they've made a couple of chapters of that public. First, in August 2016, they published their Corporate Cooperation Guidance, and the themes here in the requirements are consistent with what we've seen throughout; so identifying, bringing perspective on adjudication to the SFO in a timely manner, being forthcoming with evidence and data, but there as just a bit more specificity around it. So something I thought was quite interesting is that when it comes to responding to information requested, providing data, they encourage firms to think about the manner and form in which the data is presented. So rather than just a few tranches of data, providing it in a digestible and coherent format, and also facilitating SFO requests to access data held by third parties in overseas jurisdictions.

    Importantly, on witness interviews, and if the corporate wants to consider taking any disciplinary action against individuals, the guidance makes clear that the SFO expects to be notified about that in a timely manner and before any steps are taken. And so that can have quite significant implications in terms of timetable and how they're managing these issues internally.

    Then at the very end of last year, actually, there was some follow-up guidance specifically regarding DPAs and this again highlights the importance of cooperation as the key factor and talks a lot about the timing of the self-report and, significantly, that the SFO, they expected to be notified without the threat of imminent disclosure by a third party or, you know, not just before they're about to compel information to the corporate, they have to be given, given fair notice. And I think what's quite interesting here is that this really creates a challenge for corporates because there's been a real proliferation of detection channels and the mediums through which the SFO can find out that this type of conduct has really grown in the past couple of years. So traditionally there's been whistle blowers, disgruntled competitors, SARS, but now we're seeing investigative journalism, data leaks, you know, even blog articles, and the intelligence team at the SFO are monitoring these channels and so there's a real risk that if you don't get in early enough, then it's going to come to their attention in in other ways.

    RH: They're going to find out.

    ND: Exactly. And so one other just final point I wanted to mention, on cooperation actually, is just cooperation in the time of Covid. Because it's going to be really interesting to see how the SFO's expectations have changed in terms of cooperation over the past 16 months. Now it will take some time for this to filter through in the cases but it's been really challenging for companies. If you want to cooperate, your ability to do that has been really restricted in terms of access to information, data, people working remotely, you can't access devices, you can't access witnesses, particularly getting overseas information has been more challenging. And so I think the ability of corporates to be able to do this, and do that preliminary intel and investigative work that they need to do before they're in a position to make a proper comprehensive self-report, that’s been really difficult, so it will interesting to see if that’s reflected in case team expectations when they're holistically looking at cooperation and what firms have done in the past 16 months in particular.

    RH: Okay. Yeah, and to see whether there's been any recalibration. Charlie, can I bring you in here? Just two specific things. One that Neil has just mentioned, which is the sort of internal investigation corporates need to do ahead of a decision to self-report, and the other is I'm interested in your experience of what sort of thing a corporate needs to have shown that it's either done or considered in order to be able to avail itself with an opportunity of a DPA.

    CP: Thanks, Ruby. Thanks, Neil. I think, in relation to cooperation, as you say, absolutely vital for the company to be able to demonstrate that. And those of you who've looked at the details of the Airbus settlement will have seen that there was a €400 million discount, so well over a £300 million discount, which was deducted by the SFO in relation to the judgment for agreement to the deferred prosecution agreement, the company's cooperation and also the remediation steps and, in particular, focusing on those remediation steps. And all the three authorities with whom Airbus settled; the French, the US and the UK, require evidence of a compliance programme to be in place before they will enter into that deferred prosecution agreement.

    Now that can be sometimes a bit of an afterthought for companies. I think companies and their advisors are becoming a lot more savvy about that and starting that a lot earlier in the process, and that can be a process of mapping added to the procedures or sometimes a focus on specific areas.

    Now there can be a slight difference in approach between companies and the prosecutors in relation to what that remediation and cooperation looks like. So in G4S, for example, the parent of the relevant company has given undertakings to ensure compliance and remedial managers have been implemented across the whole group of companies and not just in relation to the specific company. And that compliance and remediation, remember, is around being able to demonstrate to the prosecutors a change in culture. So again, in relation to Airbus, you will see this in the DPA, there was a statement saying that as regards compliance and culture, the company is a different one to the one it was when the offences alleged in the guidance occurred.

    RH: Do you think, Charlie … sorry to interrupt you, but do you think that it's important that a company is showing it has already turned over a new leaf, or is it about saying, "We'd be prepared to do that"?

    CP: I think it has to. But by the time it's approaching the DPA, it's got to show that it's got that well on track. I don’t think, and you will see from the Airbus settlement where the French Anti-Corruption Agency, the AFA, which is appointed as the monitor, its focus is on the effectiveness of the compliance programme rather than the design of the compliance programme. And so showing the structure is there is important. Clearly, development of the compliance programme is always an ongoing matter, so companies showing that they're taking these matters seriously, and that they are putting in remedial measures, is absolutely vital.

    On Amec last week, there is no monitor in recognition of the company's compliance enhancements but it still has to report over the term of the DPA the remediation steps it has ongoing.

    RH: So a monitor is not an essential part, Charlie? There are circumstance in which a company could show it didn't need to be monitored?

    CP: Quite so, and being able to demonstrate that. I think, in Airbus's case, it was dealing with three separate authorities in relation to the compliance matters. It was obviously the UK, the French and the US authorities. What they did do was they effectively appointed what became effectively a shadow monitor two years in advance of the settlement, and so this was called the Independent Compliance Review Panel made up some of the great and the good in the UK, France and Germany, who were undertaking their own review of the compliance programme well in advance of the settlement, and so they could help guide the company as to the steps it needed to take in advance of the settlement. And, of course, that won't always be the circumstances, and some UK companies have got external reviewers, others don't.

    I think it's also important to remember that, from a compliance perspective, Judy Krieg has this year joined the Serious Fraud Office. She has an extensive compliance background and. of course. Lisa Osofsky herself came from Exiger who were HSBC's external monitors.

    RH: So very much the monitoring and compliance approach is sort of baked into the management and the leadership at the SFO now?

    CP: I believe so, I believe so. We’ll have to see how … obviously the Amec matter has been going on for a number of years, I think we will have to see how future DPAs flow out from the SFO and the statements that they make in relation to compliance and monitoring.

    RH: Rebecca, before we move on from talking about cooperation, there's been a lot of commentary in the press recently, arising from the collapse of the SFO's case against individual defendants in Serco. So Serco was a recent fraud case. There was a DPA that was agreed in 2019, various senior individuals at the company to stand trial. And after a long investigation and a long trial, the case collapsed and the judge cited disclosure reasons for that. [It led to a] lot of comment, and some of that comment was signalling a change in approach by corporates: what is the point in cooperating and going for a DPA if, in fact, the criminality is not capable of being proved in front of a jury? What are corporates signing up to if they're saying, "X, Y and Z people committed criminal acts and therefore we are liable, we'll accept our punishment" if when A, B and C individuals are put up for trial, even if no trial takes place, or a trial takes place and nobody's convicted? I wonder what your … if you have a thought on whether we're going to see a change in approach by corporates in terms of their willingness to cooperate?

    RC: Yeah, it’s interesting. And before the latest DPA, it was one of the things that I was really thinking, well, have we seen the end of it, is there a real change? But when you look at what the positives are for the corporates, I know, for example … I think on the day that the DPA was agreed, for example, with Rolls Royce, I think the share value actually went up because for the first time there was certainty and there was certainty for the shareholders. So there are positives, absolutely, for the corporate. And I know we're going to look … I think we're going to look in a moment with regards to saving of costs for the corporate and saving of information for the corporate with regards to the cost of things like having to deal with disclosure and having to deal with LPP reviews and the like. So there are definitely still benefits, and I suppose it comes down to each individual corporate to determine and do a balancing act.

    But with regards to the culpability of individuals, it’s a very thorny issue because what you're having to deal with, and we'll look at corporate liability in a moment, but when you're looking at the culpability of individuals, you've always got the danger when you haven't got the corporate in the box, or in a dock, or even if you have, that the individual's going to point upwards and they're going to say, "Well, I was just doing what I was told. There was a culture and I was trained within that culture and understood that this was how things were done". Now, of course, that doesn't take away the issue of whether bribery and corruption was going on, but it does go towards the mens rea of the individuals because, arguably, they could argue that, well, if there is material, as it seems was the case in Serco and other cases where individuals … have been unsuccessful prosecutions against individuals, they're able to say, "Well, this is the way it was done. And whilst, yes, it may have been wrong, my mens rea was such that I believed it [inaudible]". And it's difficult because you're always going to be able to point elsewhere.

    RH: Well, look, I think it’s a really interesting kind of seed for our topic on corporate criminal liability. [Inaudible] Sorry, I don't know if we’ve lost you or you've lost us, but let's come back to it when we think about corporate criminal liability because, of course, one of the points that the Director has made a number of times, and made clearly in her comment last week, is that the way the UK legislation in terms of holding corporates liable for criminal conduct works at the moment, is that it favours that sort of opposition.

    RC: Yeah.

    RH: "It wasn't me, it was him. It wasn't this department, it was that department. I'm too senior to know", and she's a very vocal advocate of change in the legislation which would enable corporates to be held to account more easily.

    Let's talk just briefly about penalties and fines. Charlie, one of the quotes we've already picked up from last week's article was that the penalties that DPAs bring in have contributed billions to the Treasury. The way that fines and profits are calculated is one of the trickier parts of a DPA agreement. How is that done? The negotiation is part of that DPA process that … there are cases you've described where there's a cross-border element and different authorities are sharing that?

     CP: I think one of the critical matters, a bit like [inaudible] remediation, is making sure that you are starting early, especially if you are dealing with different authorities as well. So the aim is, of course, as happened in Rolls Royce and also in Airbus, is that you have a coordinated settlement between the different prosecuting authorities. And what you don't want to happen is to have trouble with one authority and then have to go through the same process sometime later with another authority and then be fined for the same underlying conduct. So piling on, as it's described. So you'll want to be starting early with that and also encouraging the authorities to employ their own forensic accountants so that you can really start to get into the detail of how you are approaching those calculations with them.

    It is vital for those people who are advising the corporates, both the lawyers and the forensic accountants, to understand, really understand, the business. Just because you're paying a big bribe, that doesn't mean a big profit, and just because there is a big contract which may have been won from that big bribe, that doesn't of itself mean a large profit. And so what you're looking to do also is, in the gain calculation and the profits calculation, to put forward certain arguments where you're attributing costs to those specific contracts. The UK guidelines talk about gross profit, but clearly there are going to be costs which are applicable to those contracts which are value deductions, so research and development – and many companies will have undertaken years of R&D in relation to certain contracts – insurance costs, financing costs, etc.

    And I think, also very importantly, as you're developing the arguments for the loss of the profit, thinking about future profits i.e. profits for sales which have not yet taken place. The Airbus settlement in the UK looked at deliveries of aircraft up to March 2020, which was two months after the DPA. Clearly, at about March 2020, the world airline market was driven into turmoil by the Covid pandemic and it would have been unfair to penalise Airbus actually for future deliveries which actually then may well have been cancelled or delayed.

    And just in the current circumstances, I would emphasise also considerations about ability to pay. The last thing, obviously, the authorities are seeking to do it to put companies out of business, especially at these straitened times, so there may well be a possibility as to raising valid challenges in relation to historic conduct as to the company's ability to pay a fine and a penalty.

    RH: And actually it's a good point you make, Charlie. One of the things the Director said in her comments recently is that DPAs can prevent unnecessary economic damage, where a conviction could put a company out of business and destroy jobs. So if the DPA in fact has the same effect, then we're not hitting the right targets here.

    CP: Exactly.

    RH: There's got to be some sort of differential. And the company's got to be able to be kept afloat, if possible.

    CP: Yeah. And clearly you've got to have a lot of evidence to secure such a reduction, and we see more of this in the US, but certainly in these times which were unexpected, historically, then you would certainly be able to run certain of those arguments which would be accepted.

    ND: And just for me, just one more observation on the fines, actually, bringing it back to the process, is that the Court ultimately has to approve the terms of the DPA and that includes the fine. So some of the criticism has been that these are kind of backdoor deals being done between the corporate and the SFO, perhaps that is misplaced, I think, and unfair in some respects because the Courts have clearly endorsed these large fines by virtue of the fact that they ultimately have to approve and sign off on final hearing. So again it's that additional level of oversight that we have in the UK regime that perhaps doesn't exist elsewhere.

    RH: Interesting. I'm going to move on to cover a couple of points, if we can, on danger and disclosure. So Lisa Osofsky said this, the first comment she makes is that there has been a data explosion, which means that there is far more evidence to interrogate and that the Serious Fraud Office has labs which are frequently dealing with the sort of data that would be the equivalent to housing every UK web page published in a year. So clearly a big job for the forensic teams at the SFO, but what I want to hone in on is what are the advantages in terms of that data explosion if you choose to do a DPA? Rebecca, Charlie, do you want to come in on that?

    RC: Shall I go first then?

    RH: Yeah.

    RC: Well, there's two aspects, I think, to the disclosure point. First of all, you've got disclosure [inaudible] of unused material, but also you've got an LPP aspect of that as well. So that …

    RH: And that’s the privilege question?

    RC: Yes. And dealing with that … for example, if there has to be a review of the material because the material has to be disclosed, and so you have to check that there's no privileged material in it, that in itself is a costly and massive exercise, potentially, and it involves instructing independent counsel instructed by both sides going through and reviewing all the material. It takes a long time and it costs a lot of money. So that’s your LPP side. And also if you go into the DPA, you have got the potential to avoid having to disclose everything because obviously there will have to be some, but as much as if it goes through to an investigation, and then through to a prosecution. And that follows with the disclosure.

    So the reality is disclosure exercises are and can be vast, they are very expensive. And for the corporate, you may be disclosing material which, for those of us who prosecute this sort of thing, it's often within the unused material that you find your absolute gems for cross-examination. So whilst it might appear to be material that the prosecutor isn't using in the first instance, it can result in being a smoking gun, as often the smoking gun, so to speak, is found where you least expect it. So, yeah, whilst there is still disclosure that need to be done, LPP review that still needs to be done, the DPA route can reduce it for both sides and therefore reduce the cost and time on both sides.

    RH: Okay. There's an interesting point you made, Rebecca, that the disclosure exercise, which is what is prompted by the enormous quantities of data, it can firstly be the things that bring a prosecution down. Not uncommon, as those of us who deal with serious fraud know, not uncommon in series fraud cases of all types, disclosure can a real … be the main challenge in a case. But what you're saying, it sounds like this isn't just an easier route, perhaps, for the prosecution, this can end up being an advantageous route for a defendant who has quicker certainty about the data pool that it's responding to.

    RC: Absolutely.

    RH: That at some point in the future, the disclosure exercise is going to throw up a problem.

    RC: Yeah, absolutely. And it knows what it's facing from much earlier in the proceeding.

    RH: Okay. Charlie, do you want to …

    RC: And as you said, sometimes in evidence and [inaudible].

    CP: Sorry, Rebecca, I would just add to that the … given the volumes of data, the absolute need to employ technology wisely. And so technology-assisted review or computer-assisted learning to support your e-review is absolutely vital, and I think that that will also help speed up the investigations, identifying relevant documents, identifying privileged documents, documents which may be restricted for other reasons as well. So I think Lisa Osofsky's comment just emphasises the need to make sure that your technology support, the investigators and the supporting lawyers, is spot on.

    RH: And actually … and you've made a really interesting point already, Neil, about the quality of cooperation sometimes being about, Charlie, having that piece in technology and being able to crunch the data in a way that the companies are disclosing it, showing that they are being cooperative as opposed to just saying, "Please image my server and do what you want with it". It's that cooperation.

    CP: I think it is important as part of cooperation to keep the authorities abreast of how you're using technology so that they can understand that the disclosure process you are going through is robust and complete, rather than it being presented at the end as a fait accompli to them asking them to rely upon all the work that you have done over the period. So I think that's another part of cooperation for you.

    ND: And you can't understate the importance of the integrity of the data as well. That’s a really key concern, I think, for the SFO and, you know, establishing at the outset chain of custody, providence of data, where it's located and then taking steps to preserve it, it's absolutely critical. And it's really important that corporates bear in mind that the SFO has powers to compel subject matter experts, IT teams, to come and answer questions about the data and how certain steps have been taken.

    RH: Yeah, yeah. And I think some of us have probably had experience of them doing exactly that, from inside, helping our corporate clients respond to those sorts of queries which, if they're not prepared for, can become contentious.

    So we've got one more topic to talk about, which is corporate criminal liability, and then we are going to tidy up for a couple of minutes looking to the future. One of the … as I've said, one of the key themes of the Director's comment is that the current law causes problems and doesn't do the UK public a service in being able to hold to account corporates and those who've managed them. There is, as some of you may know, a law commission review at the moment on the law of corporate criminality. It's been an ongoing discussion. We've had calls for evidence, many of us in the community have contributed our thoughts to this already, there's been lots of debate about it.

    But that consultation is ongoing and there's a report expected later in this year, and one of the things that’s been talked about is the extension of the failure to prevent Model which we have in section 7 of the Bribery Act, we have it in the Criminal Finances Act, in relation to the facilitation of tax evasion. What would the world look like if there were a failure to prevent offence for all economic crimes; for fraud, for false accounting, for money laundering? Rebecca, I'm interested in your thoughts on proposed reform.

    RC: Yes. Well, it's clear, as you say, from Lisa Osofsky's piece that she's utterly committed to … or she seems to be utterly committed to trying to reform it and have some sort of section 7-type offence that sort of captures all for economic crime. And it's clear that she's standing on the shoulders there of her predecessor, Sir David Green, because he was obviously very committed to that as well. And when you look at the actual terms of reference of the Law Commission's piece that they're doing, they're very much focusing on the aspect of what we've currently got effectively undermines the rule of law. Because what you have is you have a situation where it is notoriously difficult to … disproportionately difficult to prosecute large companies because of having to identify and attribute the controlling mind and will of the company. And it’s a very small, narrow number of people in any company that that applies to. The bigger the company, the bigger the corporate, the smaller the proportion of people within it who come under that heading.

    So you've got a disproportionate aspect here. First of all, you have got it's very, very difficult to prosecute big corporates for things. We saw that with the News of the World back in the day and also with the more sorts of cases that we're dealing about today. It's proportionately difficult to prosecute them. It's easier to prosecute smaller companies so, therefore, rule of law, how can that be fair?

    And then finally, going back to what we spoke about earlier, individuals in the dock, sitting there often thinking, "Well, why am I here? What about everybody else?" against corporates who seem to effectively be getting away with it because of the difficulty of attributing controlling mind and will, again, unfair, disproportionate, undermining rule of law, which is the very thing that the Law Commission are looking at.

    So what could be looking at, going forward, is some sort of catch all section 7-type offence, along the failure to prevent but expanded, and that being used alongside the DPA regime.

    And different approach, different time, but I think everybody agrees that the current legislation isn't sufficient. Parliament had a go by bringing in the failure to prevent section 7 offences, but it clearly doesn't go far enough. And other jurisdictions are able to do it, the US have a different test, so I think the view is, well, why can't we? It's time to reform. So again, interesting times.

    RH: Yeah, really interesting. And absolute [inaudible] to the future of the DPA because …

    RC: I think so.

    RH: Yeah, the DPA is the tool here and it’s the best tool to be used against corporates, so the Director might say, and to be given a better opportunity to use it would increase its appeal. Charlie, thinking about the future of DPAs, Rebecca's mentioned that other authorities use a similar regime; we've heard about France, about Canada, the DPA regime coming in in Japan, what's your experience of other authorities' use? How can we look to others to see what our regime might look like in the future?

    CP: So that’s a very good point because my most recent experience is France and one point about the Sapin II legislation, which is effectively the French equivalent of the UK Bribery Act, is that it puts a positive obligation on the companies to put in the French equivalent of [American] procedures. And since 2018, the French authorities, the French Anti-Corruption Agency, have been launching audits looking at companies' compliance. So to put in into context, you can imagine there was a government body who would select companies for onsite audits to check whether that adequate procedures were in place, and that also includes the robustness of their anti-corruption financial controls.

    So the French model in some way is quite different, but the other thing that we see about the French model is that, as a prosecutor, the French are becoming far more educated and certainly in relation to the use of CJIPs, which is the French equivalent of deferred prosecution agreements. And I agree with Rebecca and yourself, that's definitely the way to go. How they deal with individuals will be absolutely a key, I think, in the public eye as to their future acceptance and their roll-out as well.

    RH: Neil, I'm going to come to you for the last word, if I may, about looking forward. You've mentioned already that the FCA is not a designated prosecutor, what do you think … what might happen there?

    ND: Yeah, I think it’s a really interesting area. Closer to home, are there going to be other authorities who want to become designated prosecutors and have the ability to use DPAs? The FCA is the obvious one. They are obviously a very active enforcement agency and they have a real state of intention to enforce their criminal enforcement powers under the Money Laundering Regulations, which includes a provision that there's an offence under the Money Laundering Regulations … that a corporate offence is failing to maintain adequate AML systems and controls, and indeed they've commenced their first prosecution under the 2007 regs.

    But it strikes me that that … criminalising systems and controls in that way, that type of offence really lends itself to a DPA regime, and I think regulated firms will be watching the ongoing case with real interest because an acquittal there, I think, could lead the FCA to reconsider their approach and whether, actually, they should be looking to enforce that offence through DPAs rather than through prosecutions. So we'll watch this space but it certainly seems to be something … a tool that I think they would be very interested in.

    RH: Yeah. And I think, Charlie, you've spotted HMRC talking about an investigation into section 7 of the Bribery, so perhaps them getting involved in this territory too?

    CP: Yes, we'll have to see how they roll out the failure to prevent offence in relation to DPAs, but they've certainly launched investigations relating to UK bribery laws prohibiting briberies for commercial advantages, and so will have to see how that plays out as well.

    RH: Well, we're going to draw things to a close there. Thank you very much, Charlie, Rebecca, Neil. That’s been just fascinating, and we clearly could've talked for many more opportunities about all of the things that we picked up. One question has come in, asking about examples of DPAs being withdrawn. So are there … have we seen examples of DPAs which have either expired or which have been withdrawn and, if so, what are the consequences for a corporate?

    ND: Yeah. I think three of the DPAs so far have been completed, effectively, so the term has expired. But the most recent one was Tesco in April of last year, and also Standard Bank which was the first one, in 2015, so that term has also expired, and I think Sarclad as well. So three of them are complete, so withdrawn in that sense, that has expired and the corporate has fulfilled its obligations.

    RH: Okay. And that presumably means a clean bill of health for the corporate who are going to run the compliance programme on a day to day basis of the sort that Charlie's described?

    CP: I would add to that, Ruby, that also, from experience with other regulators and overseas, you know, one of the things that can certainly happen is that the monitorship is extended, the authorities are not satisfied that sufficient progress has been made. And I have seen this in a number of fora where the monitorship continues for another period of 6, 12, 18, 24 months to put in place these required remediation measures. So even if the DPA has not been withdrawn per se, it certainly could be extended in relation to its compliance measures.

    RH: Interesting. Well, we're going to draw things to a close there. Thank you very much indeed. If any of the audience have other questions they want to fire at us, you know where to find us, and just thank you very much for joining us. It's been a great session. Especially thank you to Rebecca from Red Lion Chambers, to Charlie from FRA for joining us this morning, and we hope to see you next time. Thanks.

    The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
    Readers should take legal advice before applying it to specific issues or transactions.